General
Target: fefa0aa8217716ecbfd713cfa47f29cee5b4a7c4e4b2968680a5faa77a2b23c5
Size: 392KB
Sample: 221126-2n9qvaec5z
MD5: 0fbecec65bdc3e58a3604c015f24e3d1
SHA1: d4a0b4b628768d2ad970c69c661bcd7f174c76b0
SHA256: fefa0aa8217716ecbfd713cfa47f29cee5b4a7c4e4b2968680a5faa77a2b23c5
SHA512: 30397c4aa49b62905db894b2abaf911fda73391af9969e713b5bdc10a78f78591a711c2de2b6a96745ef7ae94e18020dc95c2a6b301633e58893c185949e9df0
SSDEEP: 12288:ZQB0GnWtil+1pcuVhbNrSqEw6tXLMRWgG:KVnWtRb/hxrQZMRW7
Static task: static1
Behavioral task: behavioral1
Sample: fefa0aa8217716ecbfd713cfa47f29cee5b4a7c4e4b2968680a5faa77a2b23c5.exe
Resource: win7-20221111-en
Malware Config
Targets
Target
fefa0aa8217716ecbfd713cfa47f29cee5b4a7c4e4b2968680a5faa77a2b23c5
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger